aboutsummaryrefslogtreecommitdiffstats
path: root/doc/gpg.texi
diff options
context:
space:
mode:
Diffstat (limited to 'doc/gpg.texi')
-rw-r--r--doc/gpg.texi62
1 files changed, 55 insertions, 7 deletions
diff --git a/doc/gpg.texi b/doc/gpg.texi
index 927d77d35..3a2c0ff7f 100644
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@@ -2257,6 +2257,16 @@ works properly with such messages, there is often a desire to set a
maximum file size that will be generated before processing is forced to
stop by the OS limits. Defaults to 0, which means "no limit".
+@item --chunk-size @var{n}
+@opindex chunk-size
+The AEAD encryption mode encrypts the data in chunks so that a
+receiving side can check for transmission errors or tampering at the
+end of each chunk and does not need to delay this until all data has
+been received. The used chunk size is 2^@var{n} byte. The lowest
+allowed value for @var{n} is 6 (64 byte) and the largest is 62 (4
+EiB). The default value for @var{n} is 30 which creates chunks not
+larger than 1 GiB.
+
@item --input-size-hint @var{n}
@opindex input-size-hint
This option can be used to tell GPG the size of the input data in
@@ -2594,6 +2604,16 @@ is the default.
@itemx --no-force-v4-certs
These options are obsolete and have no effect since GnuPG 2.1.
+@item --force-aead
+@opindex force-aead
+Force the use of AEAD encryption over MDC encryption. AEAD is a
+modern and faster way to do authenticated encrytion than the old MDC
+method. See also options @option{--aead-algo} and
+@option{--chunk-size}.
+
+This option requires the use of option @option{--rfc4880bis} to
+declare that a not yet standardized feature is used.
+
@item --force-mdc
@opindex force-mdc
Force the use of encryption with a modification detection code. This
@@ -2625,6 +2645,16 @@ preferences, as GPG will only select an algorithm that is usable by
all recipients. The most highly ranked cipher in this list is also
used for the @option{--symmetric} encryption command.
+@item --personal-aead-preferences @var{string}
+@opindex personal-aead-preferences
+Set the list of personal AEAD preferences to @var{string}. Use
+@command{@gpgname --version} to get a list of available algorithms,
+and use @code{none} to set no preference at all. This allows the user
+to safely override the algorithm chosen by the recipient key
+preferences, as GPG will only select an algorithm that is usable by
+all recipients. The most highly ranked cipher in this list is also
+used for the @option{--symmetric} encryption command.
+
@item --personal-digest-preferences @var{string}
@opindex personal-digest-preferences
Set the list of personal digest preferences to @var{string}. Use
@@ -2831,6 +2861,12 @@ Set all useful debugging flags.
Set stdout into line buffered mode. This option is only honored when
given on the command line.
+@item --debug-set-iobuf-size @var{n}
+@opindex debug-iolbf
+Change the buffer size of the IOBUFs to @var{n} kilobyte. Using 0
+prints the current size. Note well: This is a maintainer only option
+and may thus be changed or removed at any time without notice.
+
@item --faked-system-time @var{epoch}
@opindex faked-system-time
This option is only useful for testing; it sets the system time back or
@@ -2983,17 +3019,28 @@ Use @var{name} as cipher algorithm. Running the program with the
command @option{--version} yields a list of supported algorithms. If
this is not used the cipher algorithm is selected from the preferences
stored with the key. In general, you do not want to use this option as
-it allows you to violate the OpenPGP standard.
+it allows you to violate the OpenPGP standard. The option
@option{--personal-cipher-preferences} is the safe way to accomplish the
same thing.
+@item --aead-algo @var{name}
+@opindex aead-algo
+Specify that the AEAD algorithm @var{name} is to be used. This is
+useful for symmetric encryption where no key preference are available
+to select the AEAD algorithm. Runing @command{@gpgname} with option
+@option{--version} shows the available AEAD algorithms. In general,
+you do not want to use this option as it allows you to violate the
+OpenPGP standard. The option @option{--personal-aead-preferences} is
+the safe way to accomplish the same thing.
+
@item --digest-algo @var{name}
@opindex digest-algo
Use @var{name} as the message digest algorithm. Running the program
-with the command @option{--version} yields a list of supported algorithms. In
-general, you do not want to use this option as it allows you to
-violate the OpenPGP standard. @option{--personal-digest-preferences} is the
-safe way to accomplish the same thing.
+with the command @option{--version} yields a list of supported
+algorithms. In general, you do not want to use this option as it
+allows you to violate the OpenPGP standard. The option
+@option{--personal-digest-preferences} is the safe way to accomplish
+the same thing.
@item --compress-algo @var{name}
@opindex compress-algo
@@ -3015,8 +3062,9 @@ significant in low memory situations. Note, however, that PGP (all
versions) only supports ZIP compression. Using any algorithm other
than ZIP or "none" will make the message unreadable with PGP. In
general, you do not want to use this option as it allows you to
-violate the OpenPGP standard. @option{--personal-compress-preferences} is the
-safe way to accomplish the same thing.
+violate the OpenPGP standard. The option
+@option{--personal-compress-preferences} is the safe way to accomplish
+the same thing.
@item --cert-digest-algo @var{name}
@opindex cert-digest-algo
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-15 12:31:33 +0000